e7e349988377de0f1e7c5f665ef0bbf7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7e349988377de0f1e7c5f665ef0bbf7_JaffaCakes118
Size

537KB
MD5

e7e349988377de0f1e7c5f665ef0bbf7
SHA1

16e2d202d76c2dfb4004ed035024df42c5e314dd
SHA256

979987c956e770e9b53b70e6530626574e8ed32111d36f976b4cfc4d46e95ad2
SHA512

b83bc1c7ffa80859ace3811411fbbcbc635d7dbdb55c7bea164aa6acf9e4260e908494849a3fd9820dc76d7159b3522eaa53556bd1dd0dfa80d65c2f3a507799
SSDEEP

12288:o37g3zgzwckfaUy5b3MjvTIR9cb4G5aHCE7:o37UgzDkyUy5m7RMHCE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7e349988377de0f1e7c5f665ef0bbf7_JaffaCakes118

Files

e7e349988377de0f1e7c5f665ef0bbf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1f67913fb390e42dae5929cc639418d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cseld\mleofa\oeshtdt\haajeyea\ortts\a

Imports

kernel32

GetEnvironmentStringsW
HeapDestroy
SetSystemTime
Sleep
FreeLibrary
WriteConsoleA
GetModuleHandleA
GetConsoleMode
InterlockedCompareExchange
GetStdHandle
HeapReAlloc
TlsAlloc
SetFilePointer
HeapCreate
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetTickCount
GetDateFormatA
ReadFile
GetCurrentThread
GetCommandLineA
MultiByteToWideChar
CreateMutexA
WriteConsoleW
InterlockedIncrement
GetOEMCP
SetEnvironmentVariableA
ConvertDefaultLocale
GetModuleFileNameA
SetLastError
GetModuleHandleW
InterlockedExchange
GetProfileSectionW
TlsFree
WideCharToMultiByte
TlsGetValue
HeapFree
SetUnhandledExceptionFilter
OpenMutexA
GetCommandLineW
lstrcmpi
GetTimeZoneInformation
GetTimeFormatA
GetUserDefaultLCID
CreateFileA
VirtualQuery
CloseHandle
SetStdHandle
DeleteCriticalSection
GetStringTypeA
CompareStringA
SetConsoleCtrlHandler
ExitProcess
GetCPInfo
GetStartupInfoA
GetProcAddress
HeapAlloc
EnterCriticalSection
VirtualAlloc
SetHandleCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleOutputCP
IsDebuggerPresent
WriteFile
EnumSystemLocalesA
GetConsoleCP
HeapSize
LCMapStringW
GetACP
GetStartupInfoW
GetFileType
OpenEventA
LoadLibraryA
FlushFileBuffers
RtlUnwind
LCMapStringA
IsValidLocale
CompareStringW
GetLocaleInfoA
LeaveCriticalSection
IsValidCodePage
UnhandledExceptionFilter
GetLocaleInfoW
VirtualFree
GetCurrentProcess
GetStringTypeW
TlsSetValue
TerminateProcess
GetModuleFileNameW
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentProcessId

shell32

ExtractAssociatedIconA
SHGetSettings

comctl32

InitCommonControlsEx

user32

DispatchMessageA
ChangeDisplaySettingsExW
ScrollWindowEx
LoadImageW
MessageBoxExW
DdeAccessData
RegisterClassA
BringWindowToTop
CharNextW
RegisterClassExA

gdi32

StartDocW
PathToRegion
AngleArc
GetColorSpace
CreatePolyPolygonRgn
Arc
LPtoDP
SetMapperFlags
GetKerningPairsA
ResetDCW
GetBitmapDimensionEx
ExcludeClipRect

advapi32

CryptSetProviderExA
RegLoadKeyA
RegDeleteKeyW
CryptDestroyKey
RegEnumValueW
CryptGenKey
DuplicateTokenEx
RegEnumKeyA
RegSetValueW
CryptGetDefaultProviderW
CryptDecrypt
RevertToSelf
CryptSignHashA
CryptSignHashW
RegSaveKeyW
RegRestoreKeyW
CryptSetKeyParam

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f67913fb390e42dae5929cc639418d

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

user32

gdi32

advapi32

Sections

.text Size: 355KB - Virtual size: 355KB

.rdata Size: 56KB - Virtual size: 59KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 355KB - Virtual size: 355KB

.rdata
Size: 56KB - Virtual size: 59KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 17KB - Virtual size: 16KB